Forum Discussion
NimbostratusiControl related to traffic flow and iRule applied
I have design and tested an iRule, now I need some help to apply the iRule to given VIP based on resource pool availability, in addition I like to terminate the HTTPS traffic on the same VIP as supposed to pass through when above is true.
In summary:
If “resource pool” available -> remove the iRule & allow the traffic to pass through If “resource pool” unavailable -> terminate traffic on VIP & associate the iRule to the VIP
5 Replies
What_Lies_Bene1Cirrostratus
OK, so what is 'resource pool' please? Is it something monitored on the F5 itself?
Nader_125543In this case the Virtual server in scope has a pool with one member, the member is being monitored via TCP port 443 by F5.
- What_Lies_Bene1
OK, so, if the Pool Member (and thus the Pool as it's the only member) is down you want to terminate SSL and use your iRule (a redirect perhaps), if up, pass it through?
Would you be OK doing this with just an iRule? Shouldn't be too hard; check the Pool status on initial connection, if up, disable SSL and exit, if down, apply the logic in the rule you've already created. Sound good?
- Nader_125543
Are you suggesting something like this?
when CLIENT_ACCEPTED { if { [active_members ] =0 } { SSL::enable SSL::profile /Common/clientssl HTTP::enable } else { SSL::disable HTTP::disable } }
when HTTP_REQUEST { ... << display the maintenance page >> }
- What_Lies_Bene1
So, you need to use a standard Virtual Server with the required SSL profile and HTTP profile assigned and then yes, something very like what you've suggested;
when CLIENT_ACCEPTED { If the Pool is up, pass it through and disable HTTP and SSL if { [active_members pool_name] > 0 } { SSL::disable HTTP::disable } If the Pool is down, do nothing and SSL will be terminated and the HTTP_REQUEST event will fire and display the maint. page else { Do nothing } } when HTTP_REQUEST { ... << display the maintenance page >> }
